(54) Security system and software to prevent unauthorized use of a computing device



(57) A security system to prevent unauthorized use of a computing device (10) comprises a key device (20) carrying a key identification. Memory means are installed in said computing device for storing a validation record. An interface (11, 21) is provided to connect said key device with said computing device, rendering a pathway to exchange said key identification with said computing device. The computing device is loaded with a program to validate said key identification, which is embedded in said key device, using said validation record. If said key identification and said validation record do not match, use of the computing device is inhibited. The key device comprises programmable memory means to store further key information. The computer program is capable of accessing said further key information upon connection of the key device with the computing device. Said further key information enables the computer program to automatically add a validation record associated with said key device and to grant privileges to the key device depending on the contents of said further key information.
Description

[0001] The present invention relates to a security system to prevent unauthorized use of a computing device, said system comprising a key device carrying a key identification; memory means installed in said computing device for storing a validation record; an interface to connect said key device with said computing device and to provide a pathway to exchange said key identification; a program to validate said key identification embedded in said key device using said validation record; and means for inhibiting use of said computing device if said key identification and said validation record do not match. The invention moreover relates to software for preventing unauthorized use of a computing device.

[0002] A system of the above kind is known from international patent application WO 00/07088, which is incorporated herein by reference. The known system involves a key device holding a key serial number together with a validation record stored on a hard disk drive of a computer. In order to gain access to the computer, a user has to connect the key device to the computer. Upon connection, a computer program loaded on said computer compares the serial number read from the key device with validation records stored on the computer and only grants access if said serial number matches a serial number stored in a validation record. The computer automatically powers down when no such matching validation record is found.

[0003] The computer program of the known system may be loaded in the initial program load firmware, the basic input/output system (BIOS) of a personal computer, in order to attain a low-level, secure protection against inadvertent use of the computer. A drawback of the known system is however that for each computer to be secured, one or more validation records have to be stored on the computer concerned in order to render the security system operative. Already in a small to middle size organisation, or any other environment with many computers which have to be secured, this turns out to be relatively laborious and too tedious to be carried out by a system manager alone. Leaving the installation of the necessary validation records on the computers entirely to the users themselves, on the other hand, would impose a significant weakness on the security system as a whole.

[0004] It is therefore inter alia an object of the present invention to provide a security system of the kind referred to in the opening paragraph which allows, at least to a certain extent, for a distributed installation by the users on the computing devices concerned without compromising the rigidity of the security system as a whole.

[0005] To that end a security system of the type described in the opening paragraph according to the present invention is characterized in that the key device comprises programmable memory means to store further key information, in that the computer program is capable of accessing said further key information upon connection of the key device with the computing device and in that said further key information enables the computer program to automatically add a validation record associated with said key device and to grant privileges to the key device depending on the contents of said further key information. The key device in the system according to the invention may be programmed and dispatched centrally by a system manager or any other responsible officer in the organisation. The further key information which is thereby stored in the key device enables the key device to register itself onto a computing device once a connection is established. As such the key contains all information necessary to add a complete validation record to the computing device without any further intervention by its user. Although the physical registration may be performed by the user himself, the system manager nevertheless remains fully in control of the privileges which are eventually granted to the user.

[0006] A preferred embodiment of the security system according to the invention is characterized in that said further key information comprises a key type identification of said key device and in that said computer program grants privileges to the key device depending on the key type of the key device. Instead of exactly specifying the privileges which may be derived from a key device, specific key types are used which define a predefined access profile. The key type is written into the key device memory and enables the computer program to add the appropriate validation record to the computing device, if access is permitted at all. These key types and associated access profiles make it relatively easy for a system manager to correctly program and manage all keys to be issued.

[0007] In a special embodiment the security system according to the invention is characterized in that the key type identifies the key device as a prime user key which enables first time access to the computing device. The prime user key is meant for a principal user of the computing device running the computer program. In this embodiment, each computing device should have a principal user and there can only be one principal user per system. Principal or prime users identify themselves as such by a key device of the specific type and may as such gain access to a system onto which so far no (other) principal user has been registered. After such first time access, only the principal user can add or delete further users and accordingly decide who will have access to the computing device and the stored data. Optionally a computing device specific code may be added to the prime user key to limit the above privileges to a specific computing device only. After registration on a specific computing device the prime user key will lose that status and will further act as a normal key. In order to register on a new computing device as a prime user, the key needs to be re-activated as such by the system operator or the like, so that security within the system is preserved.

[0008] A further embodiment of the security system according to the invention is characterized in that the key type identifies the key device as a normal user key. A normal user key may be programmed for users who need access to a computing device that has already been configured by a principal user as described hereinbefore. A computing device cannot be accessed by means of a normal user key unless a principal user has already been registered on said computing device and has granted access for the normal user key user. As such it is the principal user who grants or denies normal user access to the computing device by adding or deleting the appropriate validation record from a list of normal users of the system. If desired, the number of normal users of the system may be restricted to a certain, pre-defined maximum.

[0009] In a further embodiment, the security system according to the invention is characterized in that the key type identifies the key device as a service key which enables access to a restricted portion of the computing device only. To allow service or maintenance operations on a system, the system manager may in this embodiment program a special service key. The service engineer that uses the service key can log onto the system, but has subsequently only limited access to the computing device. User specific, personal data may for instance be hidden, whereas access to general system information may be granted to enable software and hardware updates or any other maintenance by the service engineer. A service key need not be limited to a specific computing device but may instead operate on all computing devices in the organisation or a selected part thereof. Unlike a normal key, the service key does not need to be registered on a computing device to give access and hence no intervention by an end user is required.

[0010] Often larger organisations are divided into departments and groups of users which should have mutual access to their computing devices and associated data but not beyond that level. In view thereof, a special embodiment of the security system according to the invention is characterized in that the further key information identifies the key device as a group key, enabling access to computing devices belonging to a specific group. Such a group key allows access to all computing devices that have a principal user belonging to the same group. The principal user of a computing device normally grants such access. However, a principal user belonging to one group cannot grant access to a key device belonging to another group. As a result central control of group access may be secured although the actual registration is carried out by end users.

[0011] In larger organisations it may be required to have access to a computing device without the intervention of the principal user involved, to allow management of several groups. In view thereof, a further embodiment of the security system according to the invention is characterized in that the further key information identifies the key device as a master key, enabling immediate access to computing devices belonging to one or more selected groups. In this respect immediate access means that such a master key will give access to the computing device concerned without intervention by a principal user, provided that the computing device has a principal user belonging to a group the master key has been issued for. A master key can support a number of different, predefined groups, so that a system manager may control the level of access by a master key holder.

[0012] The key device provides a level of security which requires the possession of the device itself. Without a key device no access is possible to a computing device in the system. To attain an even higher degree of security a special embodiment of the security system according to the invention is characterized in that at least one of the further key information and the validation record comprises a personal authorization code to be input by a user of the key device. After having established a connection between the key device and the computing device, requiring the possession of the key device, the user will in this case be prompted for a personal identification or authorization code, requiring knowledge. Only a user having both the possession of the key device and knowledge of the authorization code may gain access to the computing device. This additional security is specifically important in case of loss or theft of a key device.

[0013] In a further embodiment, the security system according to the invention is characterized in that the further key information comprises an encryption key which enables the encryption and decryption of information stored on the computing device. Encryption of the relevant data provides a further level of security. In case of unauthorized access to the computing device, bypassing the security offered by the key device itself, the data stored in the computing device, or at least the sensitive part of it, may thus still be protected against misuse by means of a suitable encryption algorithm requiring the decryption key to render the data legible.

[0014] The key device may have an unlimited lifetime or may be issued for a limited period only. To implement this functionality, a further embodiment of the security system according to the invention is characterized in that the further key information comprises an access limit defining a maximum number of access permissions granted to the key device. A key device of this kind may for instance be used for a service engineer or user who needs only temporary access to a computing device. After said number of access permissions the key device becomes invalid and useless, so it presents no threat anymore to the security of the computing device.

[0015] The invention will now be described in more detail with reference to a specific embodiment and an accompanying drawing, which shows in:

figure 1 a basic setup of a security system in accordance with one embodiment of the present invention; and in

figure 2 a flowchart of a computer program capable of running on a computing device which is secured by an embodiment of the security system in accordance with the present invention.

[0016] The present invention provides a security system to prevent unauthorized access to a computing device. Many kinds of computing devices are suitable to be protected by means of a system according to the invention, such as different kinds of computers like personal computers, laptop computers, so called personal digital assistants (PDA or palmtop computers) and the like, but also other computing devices like telephone sets and different kinds of electronic domestic appliances lend themselves to the present security system. All that is required is an interface to communicate with the device and a microprocessor together with storage means within the device to process an access request. In the embodiment below, a personal computer is taken just as an example without delimiting the present invention to that kind of device.

[0017] In order to secure one or more personal or laptop computers 10, a key device 20 is issued for each device by a system manager or any other person within an organisation responsible for security of the IT environment. The key device 20 consists of a little token which may readily be attached to other keys of the user, like home and car keys, likely to be carried along. Key information 25 is written into the key device by means of appropriate software, available to the system manager only, in order to activate the key device. The key device comprises programmable memory means capable of storing said key information. In this embodiment flash EEPROM is used as storage medium in the key device, but also other kinds of non-volatile, one-time or repeatedly programmable memory may be used, or even volatile memory provided that the latter is accompanied by a suitable power source, like a battery or the like, in order to avoid data loss.

[0018] The key device contains a unique Key ID, which may be provided as manufactured in the form of a unique serial number or may be programmed later on once the key device is activated. Besides a unique ID, the key device of the present example holds one or more Group IDs, an Encryption Key for each group, a Key Type Identification and an Active Count number. These data are provided by the system manager as the key is issued and activated. The purpose of the several data fields will become apparent below. Depending on the specific application more data fields may be added to the above described key information, or some may possibly be dispensed with, as the case may be. The key device 20 comprises a standard infrared interface 21 which operates according to the Ultra Protocol as established by the Infrared Data Association (IrDA) in order to facilitate data communication between a system manager's workstation and the key device. The above data are written into the key memory using this interface.



[0019] The same interface is used as a communication means with a user system in order to gain access. To this end the computer system is turned on, which causes a computer program associated with the system of the invention to launch as part of the startup procedure, preferably embedded in the BIOS ROM boot sequence. The basic flow of this program is schematically drawn in figure 2. The program starts at 100 and automatically proceeds to a first procedure 200 to lock the keyboard and mouse of the computer system and to prompt the user to connect the key device. The latter is simply accomplished by pointing the key device 20 IrDA interface 21 to a similar infrared interface 11 on the computer system 10 as indicated in figure 1 and pressing a button on the key device to start data exchange. Once connected, the computer program is capable of accessing and retrieving key information from the key device and will read the key information as part of the program's execution.

[0020] First a verification step 202 is carried out to establish whether or not the key device is a valid device for the system concerned; as such it should belong to the same group as the computing device. A specific integer value, both in plain form and in encrypted form using the group's encryption key, has been written to the computing device during set up. At stage 202 this integer value is sent to the key device, which upon receipt encrypts the integer value using its own, embedded encryption key. The result is then transmitted to the computing device and there compared to the stored encrypted value. If both encrypted values are identical to one another, the verification step 202 is successful and the program proceeds to step 205, where the key information is actually accessed and transferred to the system. If no valid verification appears to be possible, the program terminates immediately, and no transfer of sensitive key information takes place at all. As such the invention provides unparalleled security.

[0021] A rolling code mechanism is used in the key device in order to avoid tampering by means of interception of the communication signal between the key device and the computer system. This mechanism, also known as code hopping, generates a different random code using a non-linear encryption algorithm each time the key device connects to the computer system. This rolling code renders every transmission unique, so capturing and re-transmitting the code is useless. The rolling code is a combination of a sync counter and an encryption key using a non-linear encryption algorithm. The sync counter value is the basis of every different code for each transmission and is updated each time the button of the key device is pressed and a connection is made with the computer system. Because of the complexity of such a code hopping principle, already a change in one bit of the sync value will result in a large change in the actual code which is being transmitted, which is hence impossible to predict. The sync value in the key device and a corresponding one on the computer system are synchronized each time a connection is made.
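
The verification of step 202 in [0020] and the rolling code of [0021], as an added example that is not part of the patent or its program. The description does not name its "non-linear encryption algorithm"; HMAC-SHA256 from the Python standard library stands in for it, and the group key, the challenge integer and the counter values are constructed for the example. Because a static answer to a fixed challenge is identical on every connection, the example also shows why [0021] adds the counter: the same recorded (counter, code) pair is accepted once and rejected when re-transmitted. Where the verifier keeps its copy of the rolling-code key is not stated in the description; the example gives the computing device one and marks that as an assumption.

```python
"""Added example (not the patent's program): step 202 and the rolling code of [0021].
HMAC-SHA256 stands in for the unnamed "non-linear encryption algorithm"; the group
key, challenge integer, counter values and the verifier's key copy are assumptions."""
import hashlib
import hmac


def keyed_code(enc_key: bytes, data: bytes) -> bytes:
    """Keyed one-way transform used in place of the patent's unspecified cipher."""
    return hmac.new(enc_key, data, hashlib.sha256).digest()


class KeyDevice:
    """Token side: the group's encryption key and the sync counter of [0021]."""

    def __init__(self, enc_key: bytes, sync_counter: int = 0):
        self.enc_key = enc_key
        self.sync_counter = sync_counter

    def encrypt_challenge(self, value: int) -> bytes:
        # Step 202: encrypt the integer received from the computing device with the embedded key.
        return keyed_code(self.enc_key, value.to_bytes(4, "big"))

    def press_button(self, value: int) -> tuple:
        # [0021]: each button press advances the counter; the code binds challenge and counter,
        # so a captured (counter, code) pair is useless once the counter has moved on.
        self.sync_counter += 1
        data = value.to_bytes(4, "big") + self.sync_counter.to_bytes(4, "big")
        return self.sync_counter, keyed_code(self.enc_key, data)


class ComputingDevice:
    """Computer side, set up for one group."""

    def __init__(self, group_key: bytes, challenge: int):
        self.challenge = challenge
        # Written at set-up ([0020]): the plain integer and its encrypted form. For step 202
        # the group key itself is not needed here, only its result on the challenge.
        self.expected = keyed_code(group_key, challenge.to_bytes(4, "big"))
        # Assumption: a rolling code can only be checked with a shared secret, and the
        # description does not say where the verifier's copy lives; this example keeps one here.
        self._rolling_key = group_key
        self.last_sync = 0

    def verify_static(self, response: bytes) -> bool:
        # Step 202 as described: compare the token's answer with the stored encrypted value.
        # compare_digest avoids leaking the position of the first mismatching byte.
        return hmac.compare_digest(response, self.expected)

    def verify_rolling(self, sync: int, code: bytes) -> bool:
        # Reject a counter that does not move forward, then check the code for that counter.
        if sync <= self.last_sync:
            return False
        data = self.challenge.to_bytes(4, "big") + sync.to_bytes(4, "big")
        if not hmac.compare_digest(code, keyed_code(self._rolling_key, data)):
            return False
        self.last_sync = sync  # "synchronized each time a connection is made" ([0021])
        return True


def demo() -> dict:
    group_key = b"\x2a" * 16                      # constructed group encryption key
    pc = ComputingDevice(group_key, challenge=0x12345678)
    token = KeyDevice(group_key)
    foreign = KeyDevice(b"\x99" * 16)             # token programmed for another group
    results = {
        "static_same_group": pc.verify_static(token.encrypt_challenge(pc.challenge)),
        "static_other_group": pc.verify_static(foreign.encrypt_challenge(pc.challenge)),
    }
    # The static answer is identical on every connection, so a recorded copy is accepted again:
    recorded = token.encrypt_challenge(pc.challenge)
    results["static_replay"] = pc.verify_static(recorded)
    # With the rolling code the first use of a (counter, code) pair is accepted ...
    sync, code = token.press_button(pc.challenge)
    results["rolling_first"] = pc.verify_rolling(sync, code)
    # ... the same pair re-transmitted is rejected, and the next genuine press is accepted.
    results["rolling_replay"] = pc.verify_rolling(sync, code)
    results["rolling_next"] = pc.verify_rolling(*token.press_button(pc.challenge))
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:20s} {'accepted' if accepted else 'rejected'}")
```

The static check of step 202 keeps the group key off the computing device, which is the property [0026] insists on, but it is exactly what makes a recorded answer reusable; the counter-bound code closes that gap at the price of a shared secret on the verifying side, which is the trade-off the description leaves open.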

[0022] Primarily the key type recorded in the key device determines the further flow of the program. One byte of storage is used within the key device to be able to implement 256 different key types. As such only the six key types listed in the next table are used in this example, but numerous other key types may be envisaged without departing from the scope of the present invention, each giving its own functionality and privileges.



Key type:            Byte code:
Master key           00000000
User keys:
  Prime              00000001
  Normal             00000010
  Replacement        00000011
Group key            00000100
Service key          00000101



[0023] If the program identifies the key device as a master key in step 210, immediate access is granted without any further validation of the key device. The program stops at a first termination 300.

[0024] If the key device is not a master key, the validation program continues and checks at point 220 whether the key device is a user key. Different types of user keys may be issued. As such the above table lists a Prime or Principal user key, a Normal user key and a Replacement user key. If the program identifies the key device as any of these types of user keys it continues to step 225 where it checks whether the user key is a prime or principal user key. This key is used for first time access to a system and embodies the core of the present invention. Each computing device within the system of the present invention has its own principal user, being the user that logged onto the device with a prime user key when the device was not allocated yet. Upon connecting the principal user key the program will identify the key device as such in step 225 and proceeds to step 230 to add a validation table to the system. This validation table is written to hard disk and contains a record for each user who is allowed access to the system. Each validation record holds the user information shown in figure 1 in conjunction with the computer system, and comprises such a record associated with the principal user ab initio. Afterwards, the principal user may add as many additional users to the system as desired, using a separate software tool, provided these additional users are in the same group as the principal user. This privilege of the principal user emerges from the access level which is recorded in the validation table for each user and is set to full access as a system administrator for the principal user. The group ID associated with the principal user is copied from the prime user key and determines which other users may be added to the system at the discretion of the principal user. After the validation table has been added the principal user is given access to the system and the key device independently sets the key type byte to that of a normal user key, so that the principal user key can be used only once to allocate a computer system. Accordingly, without having to interfere with the installation of key devices on the system, a system manager responsible for issuing the key devices keeps control of the security within the system.

[0025] A special kind of key device is the so called replacement key, which is used in case of loss or theft of the principal user key of a system. The presence of this type of key is checked at stage 235 of the program. A replacement key is programmed by the system manager with the same group number and encryption key as that of the lost prime user key. The prime user may then use this replacement key to gain access to his own system. After being verified and found valid in step 202 the program proceeds to step 240 where the existing, original prime user record is deleted and replaced by the appropriate record information of the replacement key. At the end the replacement key sets its own type identification to that of a prime user key. From now on the replacement key behaves like a prime user key and the original prime user key has become inoperative.

[0026] If the user key device is not a principal user key or a replacement key but a normal user key, the computer program will try to verify the key information at stage 245. As such it will first search the system for a validation table. If no such table is found, access is denied and the program terminates at 350. If on the other hand a validation table exists on the system, the computer program will look for the appropriate user record in order to validate the key device. This is done by using the encryption key written in the key device. This key is used to decrypt the PIN code, access level, encryption key and possibly other user information which are stored in the user record in encrypted form. After decrypting this information using the encryption key which is retrieved from the key device, the computer program establishes in step 250 whether the result is sensible or not. In the latter case access is denied, leading to termination 350 of the program. Otherwise the program continues to step 255 to check whether or not a PIN code is stored in the user record. It should be noted that the encryption key does not reside in permanent memory on the computing device but in the key device only. Once the key device has been verified the encryption key of the key device is written into volatile memory of the computing device, where it is at the disposal of the computing device for the duration of a session. Upon power down or a power save mode the encryption key is erased from the computing device's memory and should again be transferred to the computing device, using the key device, to gain unlimited access. In this manner it is practically impossible to retrieve the encryption key from an inactive computing device that has merely come into one's possession, while all sensitive data on the computing device reside in encrypted form.

[0027] A PIN code provides additional security and may be recorded once a user is added to the system, at the choice of that user. With a PIN code stored in the system the user needs something to have, i.e. the key device, together with something to know, i.e. the PIN code, in order to gain access to the system. As the PIN code is stored in encrypted form it is not possible for other users to retrieve the PIN code from the system itself after having gained access to the validation table. The invention, hence, provides an extremely high degree of security. After the PIN code has been validated in step 260 and found valid in step 265 the program proceeds to step 270. If the PIN code is found invalid the program terminates at 350 and access is denied. If no PIN code has been recorded for the specific user, the validation steps 260, 265 are bypassed and the program proceeds to step 270 without further action.

[0028] At step 270 the program establishes whether the key device has expired yet or not. This is done by means of the access count which may have been written to the key device when it was issued and which determines the maximum number of times access to the system may be gained by means of that key. The user record comprises an Access Count field in order to record each time access is given to that user. If in step 270 the Access Count read from the user record exceeds the Active Count, access is denied and the program terminates at 350; otherwise the Access Count is incremented by one in step 275 and access is granted at termination 300.

[0029] The encryption key retrieved from the user's key device is indispensable for decrypting (and encrypting) (selected) data on the computing device. Accordingly, even if all security steps of the access program according to the invention are bypassed, the (sensitive) data residing on the system are still protected. Because the highly sensitive encryption key need not be stored on the computing device within the system of the invention, the system is ever protected against abuse by intruders not having an appropriate key device.

[0030] Besides user keys, special keys may be issued for special users. As such a group key allows access to all systems in one or more groups, which are identified as such by means of a collection of group IDs which have been written into the key device. A group key may be issued in order to allow management of an entire group of computing devices. If the key device is a group key the program immediately branches to step 280 at verification of the key device in step 220. In the subsequent validation step 285 the program checks whether a validation table exists and whether the group ID listed in the validation table in conjunction with the principal user is actually present in the collection of group IDs retrieved from the group key device. Moreover, the group key should contain the encryption key of each group for which it is issued. If all affirmative, access is granted and the program terminates at 300, otherwise access is denied at 350. Optionally a PIN code may be required to gain group access, in which case the computer program will comprise the necessary validation procedures between step 290 and termination 300.

[0031] To allow service or maintenance operations on a system, a system manager can program a special service key. A service engineer that uses the service key can log into a system but cannot access the data residing on the system in an encrypted volume. This is implemented in step 295 of the program. If the key device is identified as a service key, access is given. Because the service key is only meant to be used for service operation on the computing device it does not contain an appropriate encryption key to access the encrypted data on the system. The service key accordingly has only limited access at termination 325 of the program. If desired a service key may be limited to one or more groups and may be accompanied by a PIN code, in which case the program will have the appropriate verification steps between steps 295 and 325.

[0032] If the computer program does not identify the key device as a service key in step 295 it will terminate at 350. The system according to the invention is hence a closed system in that only the key types known to the computer program may give access to the system, provided they have the right credentials, and others simply won't. The invention thereby provides for a security system which may be managed from a distance by a system manager without losing security control.
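
The whole flow of figure 2 as described in [0022] to [0032], including the PIN and access limit embodiments of [0012] and [0014], as an added example that is not the patent's program. The byte codes are those of the table in [0022] and the step and termination numbers are the patent's; everything else is an assumption of this example: the record sealing (a SHA-256 keystream with an HMAC-SHA256 tag, so that a failed tag is the "not sensible" outcome of step 250, which the description leaves open), the dictionary layout of the key data and of the validation table, the reading of the access count comparison as "at most Active Count uses", and all sample keys, group numbers and PIN values.

```python
"""Added example, not the patent's program: the flow of figure 2 ([0022] to [0032]). Byte
codes and step numbers are the patent's; record sealing and all key data are assumptions."""
import hashlib
import hmac
import json

MASTER, PRIME, NORMAL, REPLACEMENT, GROUP, SERVICE = 0, 1, 2, 3, 4, 5  # table in [0022]
FULL_ACCESS, LIMITED_ACCESS, DENIED = 300, 325, 350  # terminations of figure 2


def _stream(enc_key: bytes, n: int) -> bytes:
    return (hashlib.sha256(enc_key + b"record").digest() * (n // 32 + 1))[:n]


def seal(enc_key: bytes, fields: dict) -> bytes:
    """Store a user record in encrypted form under the token's key ([0026])."""
    plain = json.dumps(fields, sort_keys=True).encode()
    body = bytes(p ^ s for p, s in zip(plain, _stream(enc_key, len(plain))))
    return body + hmac.new(enc_key, body, hashlib.sha256).digest()


def unseal(enc_key: bytes, blob: bytes):
    """Step 250: decrypt with the key read from the token; None when not 'sensible'."""
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(enc_key, body, hashlib.sha256).digest()):
        return None
    return json.loads(bytes(b ^ s for b, s in zip(body, _stream(enc_key, len(body)))))


def add_user(system: dict, principal: dict, new_key: dict, pin=None) -> bool:
    """[0024]: only the principal adds users, only from the same group ([0010])."""
    table = system.get("validation_table")
    if table is None or table["principal"] != principal["key_id"]:
        return False
    if new_key["group_id"] != table["group_id"]:
        return False
    record = {"access_level": "user", "pin": pin, "access_count": 0}
    table["records"][new_key["key_id"]] = seal(new_key["enc_key"], record)  # own key only
    return True


def validate(key: dict, system: dict, pin_entered=None) -> int:
    """One connection attempt; returns the termination reached (300, 325 or 350)."""
    ktype, table = key["key_type"], system.get("validation_table")
    if ktype == MASTER:                                       # step 210
        return FULL_ACCESS
    if ktype == PRIME:                                        # steps 225, 230
        if table is not None:
            return DENIED                                     # device already allocated
        record = {"access_level": "admin", "pin": None, "access_count": 0}
        system["validation_table"] = {"principal": key["key_id"], "group_id": key["group_id"],
                                      "records": {key["key_id"]: seal(key["enc_key"], record)}}
        key["key_type"] = NORMAL                              # token demoted: one-time use
        return FULL_ACCESS
    if ktype == REPLACEMENT:                                  # steps 235, 240
        old = table["records"].get(table["principal"]) if table else None
        record = unseal(key["enc_key"], old) if old else None  # same key as the lost token
        if record is None or table["group_id"] != key["group_id"]:
            return DENIED
        del table["records"][table["principal"]]              # lost token now inoperative
        table["records"][key["key_id"]] = seal(key["enc_key"], record)
        table["principal"], key["key_type"] = key["key_id"], PRIME
        return FULL_ACCESS
    if ktype == NORMAL:                                       # step 245
        if table is None or key["key_id"] not in table["records"]:
            return DENIED
        record = unseal(key["enc_key"], table["records"][key["key_id"]])
        if record is None:                                    # step 250: not sensible
            return DENIED
        if record["pin"] is not None and record["pin"] != pin_entered:  # steps 255 to 265
            return DENIED
        limit = key.get("active_count")                       # step 270: at most `limit` uses
        if limit is not None and record["access_count"] >= limit:
            return DENIED
        record["access_count"] += 1                           # step 275
        table["records"][key["key_id"]] = seal(key["enc_key"], record)
        return FULL_ACCESS
    if ktype == GROUP:                                        # steps 280, 285
        ok = table is not None and table["group_id"] in key["group_ids"] \
            and table["group_id"] in key["enc_keys"]
        return FULL_ACCESS if ok else DENIED
    if ktype == SERVICE:                                      # step 295: no data key on board
        return LIMITED_ACCESS
    return DENIED                                             # unknown type: closed system


def demo() -> list:
    gk, system = b"\x11" * 16, {}                             # constructed group key, fresh PC
    prime = {"key_id": "K1", "key_type": PRIME, "group_id": 7, "enc_key": gk}
    normal = {"key_id": "K2", "key_type": NORMAL, "group_id": 7, "enc_key": b"\x22" * 16, "active_count": 1}
    other = {"key_id": "K3", "key_type": NORMAL, "group_id": 8, "enc_key": b"\x33" * 16}
    repl = {"key_id": "K9", "key_type": REPLACEMENT, "group_id": 7, "enc_key": gk}
    return [
        validate(normal, system),                  # 350: no validation table yet
        validate(prime, system),                   # 300: first-time access creates the table
        add_user(system, prime, normal, "4711"),   # True: same group
        add_user(system, prime, other),            # False: other group
        validate(normal, system, "0000"),          # 350: wrong PIN
        validate(normal, system, "4711"),          # 300
        validate(normal, system, "4711"),          # 350: active count exhausted
        validate(repl, system),                    # 300: takes over the prime record
        validate(prime, system),                   # 350: lost prime token no longer listed
        validate({"key_type": SERVICE}, system),   # 325: limited access
        validate({"key_type": GROUP, "group_ids": [7], "enc_keys": {7: gk}}, system),  # 300
    ]
```

Each record is sealed under its own user's encryption key, so a normal user key can open only its own record and the validation table leaks nothing to a holder of another key, which is the point of [0027]; the principal's group ID is kept in clear because step 285 compares it with the group key's list before any record is opened. The replacement branch opens the old record before deleting it, so a replacement key with the wrong encryption key leaves the table untouched.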
[0033] Although the invention has been elucidated in more detail in conjunction with the embodiment described hereinbefore, it will be appreciated that the invention is not at all limited to the specific example given. On the contrary, numerous other embodiments and examples are feasible for a skilled person without departing from the scope and the spirit of the present invention.



Claims 

1. A security system to prevent unauthorized use of a computing device, said system comprising a key device carrying a key identification; memory means installed in said computing device for storing a validation record; an interface to connect said key device with said computing device and to provide a pathway to exchange said key identification; a program to validate said key identification embedded in said key device using said validation record; and means for inhibiting use of said computing device if said key identification and said validation record do not match, characterized in that the key device comprises programmable memory means to store further key information, in that the computer program is capable of accessing said further key information upon connection of the key device with the computing device and in that said further key information enables the computer program to automatically add a validation record associated with said key device and to grant privileges to the key device depending on the contents of said further key information.

2. A security system according to claim 1 characterized in that said further key information comprises a key type identification of said key device and in that said computer program grants privileges to the key device depending on the key type of the key device.

3. A security system according to claim 2 characterized in that the key type identifies the key device as a prime user key which enables first time access to the computing device.

4. A security system according to claim 2 characterized in that the key type identifies the key device as a normal user key.

5. A security system according to claim 2 characterized in that the key type identifies the key device as a service key which enables access to a restricted portion of the computing device only.

6. A security system according to any of the preceding claims characterized in that the further key information identifies the key device as a group key, enabling access to computing devices belonging to a specific group.

7. A security system according to claim 6 characterized in that the further key information identifies the key device as a master key, enabling immediate access to computing devices belonging to one or more selected groups.

8. A security system according to any one of the preceding claims characterized in that at least one of the further key information and the validation record comprises a personal authorization code to be input by a user of the key device.

9. A security system according to any one of the preceding claims characterized in that the further key information comprises an encryption key which enables the encryption and decryption of information stored on the computing device.

10. A security system according to claim 9 characterized in that the encryption key is stored in the key device permanently and on the computing device only temporarily for the duration of a session.

11. A security system according to any one of the preceding claims characterized in that the further key information comprises an access limit defining a maximum number of access permissions granted to the key device.

12. A security device according to any one of the preceding claims characterized in that said interface comprises a wireless connection between the key device and the computing device.

13. A security system according to any one of the preceding claims characterized in that said key device and said computing device are capable of encrypted data exchange over said interface.

14. Software to prevent unauthorized access to a computing device as used in the system according to any one of the preceding claims.

15. Software according to claim 14 comprising means to identify a key device connected to said computing device and to retrieve a specific key information from said key device, in which said key information determines at least part of a further execution of the software's program code.

16. Software according to claim 14 or 15 characterized in that said key information enables the computer program to automatically add a validation record associated with said key device and to grant privileges to the key device depending on the contents of said key information.